Personal computers and business computers are continually attacked by trojans, spyware, and adware, collectively referred to as “malware” or “pestware.” These types of programs may act simply to destroy information or to gather information about a person or organization—often without the person or organization's knowledge. Some malware is highly malicious. Other malware is non-malicious but may cause issues with privacy or system performance.
Malware is often initiated or distributed in the form of a scripting language such as ECMAscript-based scripting languages (e.g., JavaScript or Flash). For example, attackers are known to cause a target web site, which may be a well-known and generally trusted web site (e.g., banking web site, national news web site, etc.) to include a malicious script in one or more webpages of the target site. These embedded scripts may then be automatically initiated and executed to exploit one or more aspects of a user's web browser or operating system when a user accesses the targeted webpage.
Products are available to detect some malware scripts, but many scripts are encoded and/or dynamically morph so as to be difficult to identify as malware. And known techniques, if effective at all, for detecting malicious or suspect scripts are slow, and as a consequence, not suitable to offer as a proxy-based implementation.